Encryption is a process that may be used to maintain the secrecy or privacy associated with data by making that data indecipherable except to those possessing special knowledge. That special knowledge may take the form of one or more keys. Decryption is the counterpart to encryption and is used to recover or access the data. For legitimate or authorized users, the decryption may take place via the use of the one or more keys.
Unauthorized users that do not have access to the special knowledge (e.g., the key(s)) may still wish to obtain the data. For example, the data may have value to the unauthorized users. Such value may include financial value, political value, and social value, for example.
Side channel analysis (SCA), sometimes referred to as a side channel attack, is one technique unauthorized users have implemented to obtain the data. SCA is based on information gained from the physical qualities or characteristics of a device or system performing the encryption. SCA may be based on obtaining a profile of timing (e.g., measuring how much time various computations take to perform), power (e.g., measuring power consumption), electromagnetic radiation (e.g., measuring emitted radiation), and/or acoustic (e.g., measuring sound produced) characteristics.
Conventional solutions for addressing SCA include hardware mirroring and the exercising of additional substitution boxes (S-boxes). Hardware mirroring is used to obtain a consistent (e.g., a flat) profile by ensuring that access to internal hardware, such as hardware registers or gates, appears similar, thereby preventing identification of a specific exercise of any particular hardware element.
Hardware mirroring is expensive in terms of fabrication and development costs, as hardware mirroring requires greater hardware complexity. Exercising additional S-boxes is expensive from a power consumption perspective, as more S-boxes are exercised (and hence, draw more power) than are actually needed.